CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!
Threat and Vulnerability Intelligence Database
Example Searches:
CVE
Threat Actors
Countries
Vendors
Severity
Known Exploited
CVE-2025-1934 |
Description: It was possible to interrupt the processing of a RegExp bailout and run additional JavaScript, potentially triggering garbage collection when the engine was not expecting it. This vulnerability affects Firefox < 136 and Firefox ESR < 128.8.
EPSS Score: 0.16%
March 4th, 2025 (4 months ago)
|
|
CVE-2025-1933 |
Description: On 64-bit CPUs, when the JIT compiles WASM i32 return values they can pick up bits from left over memory. This can potentially cause them to be treated as a different type. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
EPSS Score: 0.14%
March 4th, 2025 (4 months ago)
|
|
CVE-2025-1932 |
Description: An inconsistent comparator in xslt/txNodeSorter could have resulted in potentially exploitable out-of-bounds access. Only affected version 122 and later. This vulnerability affects Firefox < 136 and Firefox ESR < 128.8.
EPSS Score: 0.07%
March 4th, 2025 (4 months ago)
|
|
CVE-2025-1931 |
Description: It was possible to cause a use-after-free in the content process side of a WebTransport connection, leading to a potentially exploitable crash. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
EPSS Score: 0.21%
March 4th, 2025 (4 months ago)
|
|
CVE-2025-1930 |
Description: On Windows, a compromised content process could use bad StreamData sent over AudioIPC to trigger a use-after-free in the Browser process. This could have led to a sandbox escape. This vulnerability affects Firefox < 136, Firefox ESR < 115.21, and Firefox ESR < 128.8.
EPSS Score: 0.09%
March 4th, 2025 (4 months ago)
|
|
CVE-2025-1925 |
Description: A vulnerability classified as problematic was found in Open5GS up to 2.7.2. Affected by this vulnerability is the function amf_nsmf_pdusession_handle_update_sm_context of the file src/amf/nsmf-handler.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. This vulnerability allows a single UE to crash the AMF, resulting in the complete loss of mobility and session management services and causing a network-wide outage. All registered UEs will lose connectivity, and new registrations will be blocked until the AMF is restarted, leading to a high availability impact. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. In Open5GS bis 2.7.2 wurde eine problematische Schwachstelle entdeckt. Dabei geht es um die Funktion amf_nsmf_pdusession_handle_update_sm_context der Datei src/amf/nsmf-handler.c der Komponente AMF. Mittels Manipulieren mit unbekannten Daten kann eine denial of service-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei über das Netzwerk erfolgen. Der Exploit steht zur öffentlichen Verfügung. Als bestmögliche Massnahme wird Patching empfohlen.
CVSS: MEDIUM (6.9) EPSS Score: 0.07%
March 4th, 2025 (4 months ago)
|
|
Description: An NCSC assessment focusing on how AI will impact the efficacy of cyber operations and the implications for the cyber threat over the next two years.
March 4th, 2025 (4 months ago)
|
|
|
Description: Creating custom Roles in Azure can be a complex process that may yield long and unwieldy Role definitions that are difficult to manage. However, it doesn’t have to be that way. Read on to learn how you can simplify this process using the Azure “NotActions” and “NotDataActions” attributes, and create custom Azure Roles that are compact, manageable and – dare we say it? – even elegant.If you’re familiar with the role-based access control (RBAC) mechanism in Azure, then you’ve probably used Roles, which define the actions that an Azure user, group or service principal is allowed to take. Azure offers a set of pre-built Roles – which Azure calls built-in Roles – but you can also build custom ones. However, this may yield lengthy custom Role definitions that are cumbersome and inconvenient to maintain.In this blog, we’ll explain how Tenable Cloud Security simplifies the process of assigning permissions using custom Roles by streamlining the use of the Azure properties NotActions and NotDataActions. We’ll also outline why making custom Roles easier to read and manage is beneficial for both security and operational purposes.A look at Azure RolesThe three elements of a Role assignment are: security principal, role definition and scope. (If you’d like a refresher on the basics of Azure Roles, please check out our blog post “Deconstructing Azure Access Management using RBAC.”)For the purposes of this blog post, it’s essential to note that an Azure Role is a JavaScript Object Notatio...
March 4th, 2025 (4 months ago)
|
|
|
Description: Broadcom warned customers today about three VMware zero-days, tagged as exploited in attacks and reported by the Microsoft Threat Intelligence Center. [...]
March 4th, 2025 (4 months ago)
|
|
|
Description: Our research shows that using Serverless components makes it easier to get good security in the cloud
March 4th, 2025 (4 months ago)
|